E-Benefit, an independent insurance brokerage firm based in New York, announced that it had experienced a data breach potentially affecting sensitive personal identifiable information (PII) and protected health information (PHI) in its systems. The breach was discovered when E-Benefit learned that a third party had gained unauthorized access to its network environment. This led the company to launch an investigation to assess the nature of the incident and identify which data was impacted.
Through its investigation, E-Benefit confirmed that the unauthorized third party may have accessed and acquired personal information, including Social Security numbers, dates of birth, driver’s license numbers, and medical details such as diagnosis, treatment, and insurance policy numbers. The breach is believed to have occurred on or about July 11, 2024. E-Benefit is reviewing the data to determine the specific individuals affected and what information was exposed in the breach.
E-Benefit posted a notice on its website detailing the breach and informing affected individuals.
On January 13, 2025, E-Benefit posted a notice on its website detailing the breach and informing affected individuals. The company also mailed breach notification letters to those whose information was compromised. In addition, E-Benefit is offering complimentary credit monitoring services to affected individuals, along with a list of the specific types of sensitive data that may have been exposed during the breach.
E-Benefit has been providing comprehensive employee benefits programs to businesses since its establishment in 2007, including individual and group insurance solutions, medical insurance, and benefits consultation. As part of the Soloman Insurance Group, E-Benefit operates across multiple locations, including New York, New Jersey, Virginia, and South Korea. The breach incident underscores the importance of safeguarding sensitive data in industries dealing with personal and health information.
Reference:
